From 5c51893035a136faafb5b8b07daa82f581a4613f Mon Sep 17 00:00:00 2001
From: ehuman <ehuman@9a5d90b5-6617-0410-8a86-bb477d3ed2e3>
Date: Mon, 5 Aug 2013 15:47:52 +0000
Subject: [PATCH] Moved setting encryption flags to after handshake completion

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@230 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
---
 ssl/tls1.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/ssl/tls1.c b/ssl/tls1.c
index 428c9ea56..6122ae9e9 100755
--- a/ssl/tls1.c
+++ b/ssl/tls1.c
@@ -1334,14 +1334,14 @@ int basic_read(SSL *ssl, uint8_t **in_data)
                 goto error;
             }
 
-            /* all encrypted from now on */
-            SET_SSL_FLAG(SSL_RX_ENCRYPTED);
             if (set_key_block(ssl, 0) < 0)
             {
                 ret = SSL_ERROR_INVALID_HANDSHAKE;
                 goto error;
             }
             
+            /* all encrypted from now on */
+            SET_SSL_FLAG(SSL_RX_ENCRYPTED);
             memset(ssl->read_sequence, 0, 8);
             break;
 
@@ -1441,11 +1441,12 @@ int send_change_cipher_spec(SSL *ssl)
 {
     int ret = send_packet(ssl, PT_CHANGE_CIPHER_SPEC, 
             g_chg_cipher_spec_pkt, sizeof(g_chg_cipher_spec_pkt));
-    SET_SSL_FLAG(SSL_TX_ENCRYPTED);
 
     if (ret >= 0 && set_key_block(ssl, 1) < 0)
         ret = SSL_ERROR_INVALID_HANDSHAKE;
-
+    
+    if (ssl->cipher_info)
+        SET_SSL_FLAG(SSL_TX_ENCRYPTED);
     memset(ssl->write_sequence, 0, 8);
     return ret;
 }